PatchSiren cyber security CVE debrief
CVE-2024-1839 Intrado CVE debrief
CVE-2024-1839 is a critical unauthenticated blind time-based SQL injection vulnerability in the Intrado 911 Emergency Gateway (EGW) login form, published by CISA on June 11, 2024. The vulnerability carries a CVSS 3.1 score of 10.0 (Critical), reflecting network attackability with no privileges required, no user interaction, and scope change, with high impacts to confidentiality, integrity, and availability. The blind time-based SQL injection vector allows unauthenticated attackers to execute malicious code, exfiltrate data, or manipulate the database through the login form. Intrado has released a patch requiring upgrade to the 5.5/5.6 branch; organizations must contact Intrado technical support for assistance. Immediate patching is essential given the critical severity and unauthenticated attack vector affecting emergency communications infrastructure.
- Vendor
- Intrado
- Product
- 911 Emergency Gateway (EGW)
- CVSS
- CRITICAL 10
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2024-06-11
- Original CVE updated
- 2024-06-11
- Advisory published
- 2024-06-11
- Advisory updated
- 2024-06-11
Who should care
Organizations operating Intrado 911 Emergency Gateway systems, particularly public safety answering points (PSAPs), emergency communications centers, and critical infrastructure operators relying on E-911 services. Network defenders, ICS security teams, and emergency communications administrators should prioritize this vulnerability due to potential impact on life-safety systems.
Technical summary
The Intrado 911 Emergency Gateway login form contains an unauthenticated blind time-based SQL injection vulnerability. Attackers can inject malicious SQL payloads through the login form without authentication, leveraging time-delay techniques to infer database structure and content. Successful exploitation enables arbitrary code execution, data exfiltration, and database manipulation. The vulnerability is remotely exploitable with low attack complexity, requiring no privileges or user interaction.
Defensive priority
critical
Recommended defensive actions
- Contact Intrado technical support at 1-888-908-4167 or [email protected] to obtain the security patch for CVE-2024-1839
- Upgrade all Intrado 911 Emergency Gateway deployments to the 5.5/5.6 branch to enable patch application
- Prioritize patching of internet-facing or externally accessible EGW instances due to unauthenticated network attack vector
- Implement network segmentation to restrict EGW administrative interfaces to authorized management networks only
- Monitor authentication logs and database query patterns for anomalous time-delay indicators consistent with blind time-based SQL injection attempts
- Apply CISA ICS recommended practices for defense-in-depth strategies for industrial control systems
- Review and validate input sanitization on all authentication forms as a compensating control during patch deployment windows
Evidence notes
Vulnerability details sourced from CISA CSAF advisory ICSA-24-163-04. CVSS 3.1 vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H. Remediation requires upgrade to 5.5/5.6 branch and patch application via vendor support channels.
Official resources
-
CVE-2024-1839 CVE record
CVE.org
-
CVE-2024-1839 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
2024-06-11